Changes in UserGate Log Analyzer 7

UserGate Log Analyzer 7.0.1 (build 7.1.0.1704R, 02.04.2024).

Changes in new version:

  • [SUM-3222] Added the ability to automatically respond to security incidents by sending a command to the end device.
  • [SUM-3265] Added the ability to set the Management Center and LogAnalyzer/SIEM address using FQDN.
  • [SUM-3444] Added the ability to view the full disk size and configure the storage period for event logs.
  • [SUM-4313] Added support for UserGate LogAn devices for centralized management.
  • [SUM-4499] Added custom normalization of endpoint and Syslog event log entries.
  • [SUM-4855] Added SIEM (Security Information and Event Management) functionality.
  • [SUM-4855] Added IRP (Incident Response Platform) functionality.
  • [SUM-4855] Added separation of UserGate Log Analyzer roles into Log Collector and SIEM.
  • [SUM-4872] Added the ability to use data received from end devices when building an overall picture of the security situation in an enterprise, and to correlate data with other data sources.
  • [SUM-4872] Added support for end devices with UserGate Client software installed as a source of information. Added retrieval of telemetry from end devices (resource load, lists of running processes and services), Windows logs, and other essential information about the security of end devices.
  • [SUM-6755] Added new ways of presenting information (drill-downs, convenient creation of display filters) in logs and in the Dashboard.

UserGate Log Analyzer 7.0.1 (build 7.0.1.1022R, 04.12.2023).

Changes in new version:

  • [UGDNS-21315] Fixed a bug in the ARM version update mechanism that could leave the device inoperable.

UserGate Log Analyzer 7.1.0 (Release Candidate build 7.0.1.1605R, 16/11/2023).

Changes in new version:

  • [UGDNS-9695] Improved search for rules using ipSource, ipDest and user filters.
  • [UGDNS-11377] Added the ability to automatically respond to security incidents by sending a command to the end device.
  • [UGDNS-12561] Added the ability to use data obtained from end devices when building an overall picture of the security state of the enterprise, and correlate data with other data sources.
  • [UGDNS-12590] Added retrieval of end device telemetry information (resource loading, lists of running processes and services), Windows logs, and other essential information about end device security.
  • [UGDNS-13013] Added support for end devices with UserGate Client software installed as an information source.
  • [UGDNS-13347] Added a timer to automatically close the admin session.
  • [UGDNS-15397] Added dark interface theme.
  • [UGDNS-15517] Added UserID functionality for transparent authentication using Active Directory and Syslog logs.
  • [UGDNS-15896] The process of adding analytics rule triggers to an incident has been optimized when the response action is set to create an incident.
  • [UGDNS-16544] Added custom normalization of endpoint and Syslog event log entries.
  • [UGDNS-16687] Added an Alias field in the interface properties for working with SNMP.
  • [UGDNS-17157] Added the ability to add pcap files to incident attachments.
  • [UGDNS-17216] Added the ability to monitor access to DNS servers via API.
  • [UGDNS-17881] Added support for SHA-2 family hashing algorithms for SNMP manager authentication.
  • [UGDNS-18093] Added the ability to add sections to favorites and display only these sections in the web interface.
  • [UGDNS-18146] Added the ability to receive Unix system events via TCP and UDP protocols simultaneously.
  • [UGDNS-18674] Added display of notifications when analytics rules are triggered in the web console.
  • [UGDNS-18775] Enhanced CLI and PMC CLI functionality.
  • [UGDNS-18947] Added filtering of WMI sensors by status.
  • [UGDNS-19552] Added separation of UserGate Log Analyzer roles into Log Collector and SIEM.
  • [UGDNS-19592] New licensing modules have been added that provide access to SIEM functionality and updates to the corresponding libraries.

UserGate Log Analyzer 7.0.1 (hotfix build 7.0.1.1007R, 23/09/2023).

Changes in new version:

  • [UGDNS-18036] Fixed an error when filtering event log entries by user.
  • [UGDNS-20199] Fixed a bug with offline activation of LogAn and MC.
  • [UGDNS-20298] Improved clock accuracy for the C150 HWA.

UserGate Log Analyzer 7.0.1 (hotfix build 7.0.1.989R, 31/08/2023).

Changes in new version:

  • Technical release. No changes.

UserGate Log Analyzer 7.0.1 (hotfix build 7.0.1.949R, 02/08/2023).

Changes in new version:

  • Technical release. No changes.

UserGate Log Analyzer 7.0.1 (hotfix build 7.0.1.905R, 05/07/2023).

Changes in new version:

  • [UGDNS-18907] Fixed a bug where logging settings could be reset after a reboot.

UserGate Log Analyzer 7.0.1 Release (build 7.0.1.826R, 27/04/2023).

Changes in new version:

  • Added SIEM functionality (Security Information and Event Management). UserGate LogAn collects data from different sensors, aggregates and correlates sensitive data, and creates security incidents. Action rules make it possible to react to security incidents automatically.
  • Added IRP functionality (Incident Response Platform). UserGate LogAn allows defining the security incident workflow to fit a specific company's requirements.
  • Completely new version of UGOS: lightweight and specially designed for high-load use.
  • Added support for RestAPI.
  • Added the ability to integrate with GOSSOPKA.
  • Added various drill-downs in reports, dashboard and monitoring.
  • Added partial support for VMware Tools.
  • New licensing platform.

UserGate Log Analyzer 7.0.0 Release Candidate (build 7.0.0.735RC, 01/09/2022).

New in 7.0.0:

  • Added SIEM functionality (Security Information and Event Management). UserGate LogAn collects data from different sensors, aggregates and correlates sensitive data, and creates security incidents. Action rules make it possible to react to security incidents automatically.
  • Added IRP functionality (Incident Response Platform). UserGate LogAn allows defining the security incident workflow to fit a specific company's requirements.
  • Completely new version of UGOS: lightweight and specially designed for high-load use.
  • Added support for RestAPI.
  • Added the ability to integrate with GOSSOPKA.
  • Added various drill-downs in reports, dashboard and monitoring.
  • Added partial support for VMware Tools.
  • New licensing platform.